Paul M Bauer

Encryption and Privacy

Now that the intensity of the debate over encryption has temporarily subsided somewhat again after the confrontation earlier this year between the FBI and Apple, I want to state my support for the technology companies working to ensure our privacy by protecting the integrity of encryption. And my position is clearly colored– okay biased–by a personal story:

Twenty some years ago, when I was still a research director at one of the telephone companies, my secretary came into my office one day and said there was a gentleman in a suit and tie asking to see me. I don’t remember his name, but he flashed an FBI badge and asked if I was responsible for the voice dial system that was then being trailed in several cities in the West. I said yes, my speech group was involved in that trial. Well, he said, the FBI had been wiretapping a big drug dealer for some time, they were close to making an arrest, but suddenly the suspect stopped dialing telephone numbers; he just picked up the phone and said “get Louie” or some such. The FBI needed the phone numbers he was calling for the case against him. Well I was a little taken aback. I explained to him that we provided the speech recognition for the project, but that we had partnered with a phone company back east for the connection to the telephone network. I had tried to get Bell Labs to build that interface into the switching system, but did not succeed. So we looked at the software which provided the switch interface and discovered that there never really was a place where the “spoken name” was translated into a 10 digit number. The name was associated directly with a customer line equipment. The reverse translation could be done from an offline database, just not in real time and not by the switch. I offered the agent a copy of the database. No, he said, he had a warrant to wiretap this one person, not for anyone else, so accessing the database would be a violation of the court order. Well, I said that is how the technology currently works; what do you want me to do? He got rather belligerent and blew off some steam about how we were deliberately interfering with their ability to enforce the laws, and that needed to change. He left in a huff, assuring me that there would be consequences. And there were. Several years later Congress passed the CALEA legislation: the Communication Assistance for Law Enforcement Act, which requires telephone companies to continue to support government surveillance efforts even when new technology is introduced. And apparently it does not cover the encryption issue; or as Tim Cook, CEO of Apple, pointed out, it expressly left out technology companies that are not communication common carriers. And so it appears to me that the FBI is now taking our their frustrations on these players.

I get the frustrations of the FBI; they are charged with protecting us from terrorists and to them is seems that technologists want to tie their hands behind their backs. And I get the concerns of the technology companies who want to give their customers the best service technology can provide. The tie breaker for me personally is that thus far I have escaped the direct wrath of terrorists but not the intimidation of my government trying to protect me from such. I currently side with the technologists for protection of our privacy.